diff --git a/README.md b/README.md index ed681a257d2a..0b852579435f 100644 --- a/README.md +++ b/README.md @@ -75,7 +75,7 @@ For each `` listed above, the following hybrid algorithms are made availabl - If `` has L3 security, the method `ecdh-nistp384-` is available, which combines `` with ECDH using NIST's P384 curve - If `` has L5 security, the method `ecdh-nistp521-` is available, which combines `` with ECDH using NIST's P521 curve -Note that algorithms marked with a dagger (†) have large stack usage and may cause failures when run on threads or in constrained environments. +Note that algorithms marked with a dagger (†) have large stack usage and may cause failures when run on threads or in constrained environments. For example, McEliece require building `oqs-openssh` with a large(r) stack provision than is default: Adding `LDFLAGS="-Wl,--stack,20000000"` to [the `./configure` command below](#step-2-build-the-fork) is required to allow cygwin-based testing to pass. #### Digital Signature diff --git a/appveyor.yml b/appveyor.yml new file mode 100644 index 000000000000..337fe0b24db4 --- /dev/null +++ b/appveyor.yml @@ -0,0 +1,36 @@ +version: 1.0.{build} + +# TODO: Add MSVC support +image: Visual Studio 2019 + +platform: x64 + +environment: + matrix: + - BUILD_SHARED: OFF + COMPILER: cygwin + +for: + - matrix: + only: + - OQS_USE_OPENSSL: OFF + before_build: + - cmd: |- + choco install openssl + choco install -y strawberryperl + SET "OPENSSL_ROOT_DIR=C:\OpenSSL-Win64" + +build_script: + - cmd: '%APPVEYOR_BUILD_FOLDER%\appveyor_build.bat' + +before_test: + - cmd: |- + SET "PATH=C:\Python37;C:\Python37\Scripts;%PATH%" + pip.exe install pytest pytest-xdist psutil + +test_script: + - cmd: |- + cd %APPVEYOR_BUILD_FOLDER% + echo "%PATH%" + set PATH=%cd%;c:\cygwin64\bin;%PATH% && echo %PATH% && python oqs-test/try_connection.py doone + diff --git a/appveyor_build.bat b/appveyor_build.bat new file mode 100644 index 000000000000..06e3a20fd4ff --- /dev/null +++ b/appveyor_build.bat @@ -0,0 +1,5 @@ +IF %COMPILER%==cygwin ( + @echo on + SET "PATH=C:\cywin64\bin;c:\cygwin64;%PATH%" + c:\cygwin64\bin\bash.exe -lc "setup-x86_64.exe -qnNdO -R C:/cygwin64 -l C:/cygwin/var/cache/setup -P openssl -P libssl-devel -P zlib -P zlib-devel -P ninja -P cmake -P gcc -P make -P autoconf && cd ${APPVEYOR_BUILD_FOLDER} && openssl version && cygcheck -c && pwd && git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git && cd liboqs && mkdir build && cd build && cmake .. -GNinja -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=${APPVEYOR_BUILD_FOLDER}/oqs -DOQS_BUILD_ONLY_LIB=ON && ninja -v && ninja install && cd ${APPVEYOR_BUILD_FOLDER} && mkdir -p -m 0755 /var/empty && export LIBOQS_INSTALL=`pwd`/oqs && autoreconf && LDFLAGS=\"-Wl,--stack,20000000\" ./configure --with-liboqs-dir=`pwd`/oqs --with-libs=-lm && make && make install && TEST_SSH_UNSAFE_PERMISSIONS=1 make tests LTESTS=\"\" " +) diff --git a/regress/Makefile b/regress/Makefile index 8b4ed9de398a..1bfd61864c44 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -229,6 +229,7 @@ t-exec-interop: ${INTEROP_TESTS:=.sh} @if [ "x$?" = "x" ]; then exit 0; fi; \ for TEST in ""$?; do \ echo "run test $${TEST}" ... 1>&2; \ + chmod go-rwx .; \ (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ done diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 5dc975d07d65..5f17a3fe3977 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -575,6 +575,9 @@ for t in ${SSH_HOSTKEY_TYPES}; do # use key as host key, too $SUDO cp $OBJ/$t $OBJ/host.$t + # ensure proper file access permissions even in cygwin: + $SUDO chmod 600 $OBJ/$t $OBJ/host.$t + echo HostKey $OBJ/host.$t >> $OBJ/sshd_config # don't use SUDO for proxy connect